HyperPlatform
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.

DdiMon
Monitoring and controlling kernel API calls with stealth hook using EPT

Hypervisor-101-in-Rust
The materials of "Hypervisor 101 in Rust", a one-day long course, to quickly learn hardware-assisted virtualization technology and its application for high-performance fuzzing on Intel/AMD processors.

MiniVisorPkg
The research UEFI hypervisor that supports booting an operating system.

SimpleSvmHook
SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.

PgResarch
PatchGuard Research

SimpleSvm
A minimalistic educational hypervisor for Windows on AMD processors.

ExploitCapcom
This is a standalone exploit for a vulnerable feature in Capcom.sys

MemoryMon
Detecting execution of kernel memory that is not backed by any image file

DotNetHooking
Sample use cases of the .NET native code hooking technique

scripts_for_RE
Python scripts for reverse engineering.

GuardMon
Hypervisor based tool for monitoring system register accesses.

UefiVarMonitor
The runtime DXE driver monitoring access to the UEFI variables by hooking the runtime service table.

SmmExploit
The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303.

EopMon
Elevation of privilege detector based on HyperPlatform

Sushi
a Japanese food keeps you sane

findpg
Windbg extension to find PatchGuard pages

UEFI-BIOS-Security
Security Camp 2021 & GCC 2022

hvext
The Windbg extension that implements commands helpful to study Hyper-V on Intel processors.

WinIoCtlDecoder
IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.

HelloSmm
This is an instruction to run your own SMM code.

DebugLogger
A software driver that lets you log kernel-mode debug output into a file on Windows.

WPBT-Builder
The simple UEFI application to create a Windows Platform Binary Table (WPBT) from the UEFI shell.

FU_Hypervisor
A hypervisor hiding user-mode memory using EPT

CVE-2023-36427
Report and exploit of CVE-2023-36427

kraft_dinner
Tool to dump UEFI runtime drivers implementing runtime services for Windows

HelloAmdHvPkg
HelloAmdHvPkg is a type-1 research hypervisor for AMD processors.

Hello-VT-rp
A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology.

RemoteWriteMonitor
A tool to help malware analysts tell that the sample is injecting code into another process.

Scavenger
A minifilter driver that preserves all modified and deleted files.

meow
nyā

HelloIommuPkg
The sample DXE runtime driver demonstrating how to program DMA remapping.

DumpVTable
Generates a Python script to give public interface names in an ActiveX file to an IDB file.

DrvLoader
A command line tool to load and unload a device driver.

CVE-2022-25949
A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.

cs_driver
A sample project for using Capstone from a driver in Visual Studio 2015

CVE-2014-0816
CVE-2014-0816

CVE-2024-21305
Report and exploit of CVE-2024-21305.

hyperplatform_log_parser
User-mode program parsing logs created by HyperPlatform

tandasat.github.io

ProjectLoadTimeMonitor
The Visual Studio extension that measures load time of each project when a solution file is opened.

CheckSDL
A tool that evaluates security configurations of a given PE based on SDL without source code

ListWorkItems
Lists work items being queued currently.

DeviceOpener
A command line tool to check if a specified device is accessible.

windbg_init
Windbg Init Script

win32_debugout
Shows debug strings on DebugView from an attached process by win32_remote.exe.

ping_vmm
A user-mode program knocking at HyperPlatform's "backdoor"

List-UEFI-Configuration-Tables
List UEFI Configuration Tables

ScopedResource
Scoped Resource - Generic RAII Wrapper for the Standard Library by Peter Sommerlad and Andrew L. Sandoval

SecRuntimeSample
A sample usage of SecRuntime.dll on Windows Phone

blog

CopyFiles
Copy files onto the IsolatedStorage so that you can download them using IsoStoreSpy.

tandasat

shared
Manages files that are shared with multiple boxes.